System Security Plan (O&M Sample Clauses

System Security Plan (O&M. (a) The Concessionaire shall prepare and submit to RTD for RTD's approval a plan (the System Security Plan (O&M) or SSP (O&M)) establishing its approach to security management and threat and vulnerability management. The SSP (O&M) shall be in accordance with applicable Law and the standards of the APTA, FRA and DHS. [CDRL #10-21] No later than five days following RTD's confirmation that the SSP (O&M) complies with the relevant requirements, RTD will submit such plan to the FTA and the FRA and any other Relevant Authority on the Concessionaire's behalf. The Concessionaire shall not amend, modify or vary the SSP (O&M) that RTD has submitted to the FTA, the FRA and any Relevant Authority at any time without the approval of RTD and such Relevant Authority. (b) The SSP (O&M) shall include a detailed security staffing and operations plan (the Security Staffing Plan) setting forth all aspects of security staffing and operations, necessary to achieve compliance with Law and the standards set forth in Section 8.3(a), including: (i) minimum hiring qualifications; (ii) training standards and training programs emphasizing professionalism, courtesy, customer service and ambassadorship; (iii) the roles and responsibilities of the Security Command Center staff; and (iv) patrol duties for security officers (if any). (c) The Security Staffing Plan shall be materially consistent with RTD's current security personnel staffing and security operations, as updated from time to time. (d) The Concessionaire shall at least annually review the SSP (O&M); update the SSP (O&M) to ensure continued compliance with each of the Concessionaire's obligations in this Section 8; and submit such updates to RTD. [CDRL #10-21] RTD will follow the process described in paragraph (a) above with regard to review, approval and submittal to Relevant Authorities on the Concessionaire's behalf of such updates to the SSP (O&M).
AutoNDA by SimpleDocs

Related to System Security Plan (O&M

  • System Security (a) If any party hereto is given access to the other party’s computer systems or software (collectively, the “Systems”) in connection with the Services, the party given access (the “Availed Party”) shall comply with all of the other party’s system security policies, procedures and requirements that have been provided to the Availed Party in advance and in writing (collectively, “Security Regulations”), and shall not tamper with, compromise or circumvent any security or audit measures employed by such other party. The Availed Party shall access and use only those Systems of the other party for which it has been granted the right to access and use. (b) Each party hereto shall use commercially reasonable efforts to ensure that only those of its personnel who are specifically authorized to have access to the Systems of the other party gain such access, and use commercially reasonable efforts to prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its personnel of the restrictions set forth in this Agreement and of the Security Regulations. (c) If, at any time, the Availed Party determines that any of its personnel has sought to circumvent, or has circumvented, the Security Regulations, that any unauthorized Availed Party personnel has accessed the Systems, or that any of its personnel has engaged in activities that may lead to the unauthorized access, use, destruction, alteration or loss of data, information or software of the other party hereto, the Availed Party shall promptly terminate any such person’s access to the Systems and immediately notify the other party hereto. In addition, such other party hereto shall have the right to deny personnel of the Availed Party access to its Systems upon notice to the Availed Party in the event that the other party hereto reasonably believes that such personnel have engaged in any of the activities set forth above in this Section 9.2(c) or otherwise pose a security concern. The Availed Party shall use commercially reasonable efforts to cooperate with the other party hereto in investigating any apparent unauthorized access to such other party’s Systems.

  • Security Plan The Business Continuity Plan and the Disaster Recovery Plan may be combined into one document. Additionally, at the beginning of each State Fiscal Year, if the MCO modifies the following documents, it must submit the revised documents and corresponding checklists for HHSC’s review and approval:

  • System Security Review All systems processing and/or storing County PHI or PI must have at least an annual system risk assessment/security review which provides assurance that administrative, physical, and technical controls are functioning effectively and providing adequate levels of protection. Reviews should include vulnerability scanning tools.

  • Security Program Contractor will develop and implement an effective security program for the Project Site, which program shall require the Contractor and subcontractors to take measures for the protection of their tools, materials, equipment, and structures. As between Contractor and Owner, Contractor shall be solely responsible for security against theft of and damage of all tools and equipment of every kind and nature and used in connection with the Work, regardless of by whom owned.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Emergency Mode Operation Plan Contractor must establish a documented plan to enable continuation of critical business processes and protection of the security of electronic County PHI or PI in the event of an emergency. Emergency means any circumstance or situation that causes normal computer operations to become unavailable for use in performing the work required under this Agreement for more than twenty-four (24) hours.

  • DTC DIRECT REGISTRATION SYSTEM AND PROFILE MODIFICATION SYSTEM (a) Notwithstanding the provisions of Section 2.04, the parties acknowledge that the Direct Registration System (“DRS”) and Profile Modification System (“Profile”) shall apply to uncertificated American Depositary Shares upon acceptance thereof to DRS by DTC. DRS is the system administered by DTC pursuant to which the Depositary may register the ownership of uncertificated American Depositary Shares, which ownership shall be evidenced by periodic statements issued by the Depositary to the Owners entitled thereto. Profile is a required feature of DRS which allows a DTC participant, claiming to act on behalf of an Owner of American Depositary Shares, to direct the Depositary to register a transfer of those American Depositary Shares to DTC or its nominee and to deliver those American Depositary Shares to the DTC account of that DTC participant without receipt by the Depositary of prior authorization from the Owner to register such transfer. (b) In connection with and in accordance with the arrangements and procedures relating to DRS/Profile, the parties understand that the Depositary will not verify, determine or otherwise ascertain that the DTC participant which is claiming to be acting on behalf of an Owner in requesting a registration of transfer and delivery as described in subsection (a) has the actual authority to act on behalf of the Owner (notwithstanding any requirements under the Uniform Commercial Code). For the avoidance of doubt, the provisions of Sections 5.03 and 5.08 shall apply to the matters arising from the use of the DRS. The parties agree that the Depositary’s reliance on and compliance with instructions received by the Depositary through the DRS/Profile System and in accordance with this Deposit Agreement shall not constitute negligence or bad faith on the part of the Depositary.

  • Construction Management Plan Contractor shall prepare and furnish to the Owner a thorough and complete plan for the management of the Project from issuance of the Proceed Order through the issuance of the Design Professional's Certificate of Material Completion. Such plan shall include, without limitation, an estimate of the manpower requirements for each trade and the anticipated availability of such manpower, a schedule prepared using the critical path method that will amplify and support the schedule required in Article 2.1.5 below, and the Submittal Schedule as required in Article 2.2.3. The Contractor shall include in his plan the names and resumés of the Project Superintendent, Project Manager and the person in charge of Safety.

  • Stock Plan Administration Service Provider The Company transfers the Optionee's Personal Information to Fidelity Stock Plan Services LLC, an independent service provider based in the United States, which assists the Company with the implementation, administration and management of the Plan (the “Stock Plan Administrator”). In the future, the Company may select a different Stock Plan Administrator and share the Optionee's Personal Information with another company that serves in a similar manner. The Stock Plan Administrator will open an account for the Optionee to receive and trade Shares acquired under the Plan. The Optionee will be asked to agree on separate terms and data processing practices with the Stock Plan Administrator, which is a condition to the Optionee’s ability to participate in the Plan.

  • Configuration Management The Contractor shall maintain a configuration management program, which shall provide for the administrative and functional systems necessary for configuration identification, control, status accounting and reporting, to ensure configuration identity with the UCEU and associated cables produced by the Contractor. The Contractor shall maintain a Contractor approved Configuration Management Plan that complies with ANSI/EIA-649 2011. Notwithstanding ANSI/EIA-649 2011, the Contractor’s configuration management program shall comply with the VLS Configuration Management Plans, TL130-AD-PLN-010-VLS, and shall comply with the following:

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!